<?php
/*  
  Copyright (c) 2010-02 SongCMS 
  SongCMS All Rights Reserved. 
  Support:www.SongCMS.com
  QQ:544255858   19951025
  Author:Song  Version:3.17
  Date:2010-08-12 09:28:32
*/

include_once('Admin.php');
if(!empty($_POST['SQL'])){
	$xSQL = str_replace('[!db.pre!]',$dbprefix,trim($_POST['SQL']));
	$xSQL = explode(";\r\n",$xSQL);
	$sarray = array();
	foreach($xSQL as $i => &$n){
		$n = stripcslashes(strtolower(trim($n)));
		if(substr($n,0,6) == 'select'){
			$sarray[] = @$db -> SelectSQL($n,1);
		} else {
			if(!@$db -> ExecuteSQL($n)){
				AdminLog(1,1,"执行SQL失败：{$n}"); 
				die("无法完成请求，请检查SQL是否正确：<font color='#FF0000'>{$n}</font><br /><br /><a href=\"ExecuteSQL.php\">返回</a>");	
			}
		}
	}
	AdminLog(1,1,'成功的执行了 ' . ($i+1) . ' 条SQL记录！'); 
	if(empty($sarray)){
		MsgBox (1,'成功的执行了 ' . ($i+1) . ' 条SQL记录！','0');
	} else {
		echo '返回查询结果 (<a href="ExecuteSQL.php">返回</a>)：<pre>';
		foreach($sarray as $a => $x){
			$xtitle = true;
			echo '<table border="0" cellpadding="3" cellspacing="1" bgcolor="#999999">';
			foreach($x as $b => $y){
				if($xtitle){
					echo '<tr>';
					foreach($y as $c => $z){ //表头
						echo "<td bgcolor=\"#E0E0E0\" style=\"font-size:12px;\" align=\"center\"><strong>{$c}</strong></td>";
					}
					echo '</tr>';
					$xtitle = false;
				}				
				echo '<tr>';
				foreach($y as $c => $z){
					echo '<td bgcolor="#FFFFFF" style="font-size:12px;">' . iconv_substr(htmlspecialchars($z),0,50,'utf-8') . '</td>';	
				}
				echo '</tr>';
			}
			echo '</table><br /><br />';
		}
		
		echo '</pre><a href="ExecuteSQL.php">返回</a>';
		exit();
	}
}

if(!empty($_POST['Find'])){
	$table = trim($_GET['t']);
	$field = trim($_GET['f']);
	$find = trim($_POST['Find']);
	$repl = trim($_POST['Repl']);
	if(empty($_GET['t']) || empty($_GET['f'])) MsgBox (1,'请选择要查找的数据表和字段名！','0');
	$SQL = "UPDATE `{$table}` SET `{$field }` = replace (`{$field}`,'{$find}','{$repl}')";
	if(@$db -> ExecuteSQL($SQL)){
		AdminLog(1,1,"成功的执行了数据库批量查找和替换操作。"); 
		MsgBox (1,'替换操作成功！','0');
	} else {
		AdminLog(1,1,"执行了数据库批量查找和替换操作失败。"); 
		MsgBox (1,'执行替换操作失败，无法完成请求！','0');		
	}
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<script src="../js/csshovernotie6.js" type="text/javascript"></script>
<link href="./images/adminstyle.css" rel="stylesheet" type="text/css" />
<link rel="Shortcut Icon" href="../favicon.ico">
<link rel="Bookmark" href="../favicon.ico">
</head>
<body>
<br />
<table width="98%" border="0" align="center" cellpadding="4" cellspacing="1" bgcolor="#CCCCCC">
  <form id="form1" name="form1" method="post" action="">
  <tr>
    <td colspan="3" align="center" class="Main_Title">执行SQL语句</td>
  </tr>
  <tr class="odd">
    <td height="20" align="right">SQL</td>
    <td>
    	<textarea name="SQL" style="width:500px; height:200px;">
SELECT * FROM `[!db.pre!]product` ORDER BY ID DESC LIMIT 0,3;
SELECT * FROM `[!db.pre!]news` ORDER BY ID DESC LIMIT 0,3;
SELECT * FROM `[!db.pre!]article` ORDER BY ID DESC LIMIT 0,3;
SELECT * FROM `[!db.pre!]link` ORDER BY ID DESC LIMIT 0,3;
</textarea>
    	</td>
    <td>
		多条语句请用"回车"隔开,每条语句以"<font color="#FF0000">;</font>"结束，数据表前缀可用 "<font color="#FF0000">[!db.pre!]</font>" 表示<br />
		此功能影响到整个系统的数据，直接操作数据库。<br />
		<font color="#FF0000">执行数据库修改、删除、替换操作时请慎用，建议先对数据库进行备份！</font>
	</td>
  </tr>
  <tr class="odd">
    <td>&nbsp;</td>
    <td><input type="submit" name="button" id="button" value="执 行" class="submit" onClick="return confirm('确定执行以上SQL语句？');"  /></td>
    <td>&nbsp;</td>
  </tr>
  </form>
</table>
<br />
<table width="98%" border="0" align="center" cellpadding="4" cellspacing="1" bgcolor="#CCCCCC">
  <form id="form2" name="form2" method="post" action="">
  <tr>
    <td colspan="3" align="center" class="Main_Title">数据库批量查找和替换</td>
  </tr>
  <tr class="odd">
    <td align="right">数据表名：</td>
    <td>
		<select OnChange="window.open(this.options[this.selectedIndex].value,'_self')" size="1">
			<option value="ExecuteSQL.php">== 选择数据表 ==</option>
<?php
$conn = $db -> conn();
@$rs = mysql_list_tables($dbname,$conn);
$rows = mysql_num_rows($rs);
for ($i=0; $i<$rows; $i++) {
	$tbName = mysql_tablename($rs, $i);
	if(substr($tbName,0,strlen($dbprefix)) == $dbprefix){
		//$tables[] = $tbName;
		if(trim($_GET['t']) != $tbName){
			echo "<option value=\"ExecuteSQL.php?t={$tbName}\">{$tbName}</option>";
		} else {
			echo "<option value=\"ExecuteSQL.php?t={$tbName}\" selected=\"selected\">{$tbName}</option>";
		}
	}
}
?>
		</select>	
	</td>
    <td>请选择要查找的数据表</td>
  </tr>
  <tr class="odd">
    <td align="right">字段名称：</td>
    <td>
		<select OnChange="window.open(this.options[this.selectedIndex].value,'_self')" size="1">
			<option value="ExecuteSQL.php?t=<?php echo $_GET['t']?>">== 选择字段 ==</option>
<?php
$table = trim($_GET['t']);
if(!empty($table)){
	$db_selected = mysql_select_db($dbname,$conn);
	$SQL = "SELECT * FROM `{$table}` LIMIT 0,1";
	$result = mysql_query($SQL,$conn);
	$num = mysql_num_fields($result); //获取字段数
	for ($i=0; $i<$num; $i++) {
		$fName = mysql_field_name($result,$i);
		if(trim($_GET['f']) != $fName){
			echo "<option value=\"ExecuteSQL.php?t={$_GET['t']}&f={$fName}\">{$fName}</option>";
		} else {
			echo "<option value=\"ExecuteSQL.php?t={$_GET['t']}&f={$fName}\" selected=\"selected\">{$fName}</option>";
		}
	}
}
?>
		</select>	
	</td>
    <td>请选择要查找的字段</td>
  </tr>    
  <tr class="odd">
    <td height="20" align="right">要查找的内容：</td>
    <td><textarea name="Find" style="width:300px; height:60px;"></textarea></td>
    <td>该功能可用于数据迁移时替换文章内容中的图片路径等</td>
  </tr>
<tr class="odd">
    <td height="20" align="right">替换为：</td>
    <td><textarea name="Repl" style="width:300px; height:60px;"></textarea></td>
    <td>为空时将直接删除查找的内容</td>
  </tr>  
  <tr class="odd">
    <td>&nbsp;</td>
    <td><input type="submit" name="button" id="button" value="替换全部" class="submit" onClick="return confirm('确定执行数据批量替换？');" /></td>
    <td><font color="#FF0000">该功能直接操作数据库，请慎用，操作前请对数据库进行备份！</font></td>
  </tr>
  </form>
</table>
</body>
</html>